Ah OK I see. In this case it's best to seek help from the author(s) of those roles. As a start, you could submit an issue at https://github.com/freeipa/ansible-freeipa/issues
Regards On Mon, 16 Mar 2020 at 16:14, Andrew Meyer <andrewm...@gmail.com> wrote: > > I am trying to install the the FreeIPA client on CentOS and RHEL 6,7,8 > servers. > I am using the ansible-freeipa module > https://github.com/freeipa/ansible-freeipa > The only problem I have encountered is the one I pasted regarding the keytabs > or otp. > > Here is the command I used: > ansible-playbook --ask-vault-pass -i > /opt/syseng/automation/ansible/passwd.yml --inventory-file > /opt/syseng/automation/ansible/hosts/ansible_hosts > /opt/syseng/automation/ansible-freeipa/playbooks/install-client.yml -e > "target_servers=hostname001.loc.example.net" --user=user123 -vvvvvv > > > > freeipa inventory file > [ipaclients:vars] > ipaadmin_principal=admin > ipaadmin_password="{{ ipaadmin_password }}" > ipaclient_domain=loc.example.net > ipaclient_realm=LOC.EXAMPLE.NET > #ipaclient_keytab=/tmp/krb5.keytab > #ipaclient_use_otp=yes > #ipaclient_force_join=yes > #ipaclient_kinit_attempts=3 > ipaclient_mkhomedir=yes > ipaclient_allow_repair=yes > > $ ansible --version > ansible 2.9.6 > config file = /opt/syseng/automation/ansible/ansible.cfg > configured module search path = > ['/opt/syseng/automation/ansible-freeipa/playbooks/roles/ansible-freeipa/plugins/modules'] > ansible python module location = > /home/andrew.meyer/.local/lib/python3.6/site-packages/ansible > executable location = /home/andrew.meyer/.local/bin/ansible > python version = 3.6.8 (default, Nov 21 2019, 19:31:34) [GCC 8.3.1 20190507 > (Red Hat 8.3.1-4)] > > Hope that helps. > > On Saturday, March 14, 2020 at 12:09:32 PM UTC-5, Dick Visser wrote: >> >> Thanks for using ansible. To answer your question more information is >> needed. Could you please describe clearly all of the below: >> >> >> - What goal you are trying to achieve. >> >> - How you are doing this. >> >> - What problems you encounter. >> >> - Which commands did you run, and what actual output did you get (copied as >> plain text - not as screenshots, images, or other binary attachments). >> >> - What do the relevant inventory/tasks/playbooks/code/variables look like. >> >> - The output of ‘ansible --version’ >> >> >> >> >> On Fri, 13 Mar 2020 at 15:32, Andrew Meyer <andre...@gmail.com> wrote: >>> >>> I am trying to use the ansible-playbook to install the client on CentOS 8. >>> I am getting >>> the following error: >>> >>> TASK [ipaclient : Install - Check if one of password or keytabs are set] >>> ******************************************************************************************************************************************************************** >>> fatal: [host1.example.com]: FAILED! => {"changed": false, "msg": >>> "At least one of password or keytabs must be specified"} >>> >>> I'm not sure what is causing this. >>> >>> I have the following in my ansible-freeipa inventory hosts file: >>> >>> [ipaclients:vars] >>> ipaadmin_principal=admin >>> ipaadmin_password="{{ ipaadmin_password }}" >>> ipaclient_domain=domain.example.com >>> ipaclient_realm=DOMAIN.EXAMPLE.COM >>> #ipaclient_keytab=/tmp/krb5.keytab >>> #ipaclient_use_otp=yes >>> #ipaclient_force_join=yes >>> #ipaclient_kinit_attempts=3 >>> ipaclient_mkhomedir=yes >>> ipaclient_allow_repair=yes >>> >>> >>> When I run the playbook I have it accessing a secrets file. >>> >>> Thanks in advance! >>> >>> -- >>> You received this message because you are subscribed to the Google Groups >>> "Ansible Project" group. >>> To unsubscribe from this group and stop receiving emails from it, send an >>> email to ansible...@googlegroups.com. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/ansible-project/864cdaa5-570f-48eb-8fad-5cba41d51bf9%40googlegroups.com. >> >> -- >> Sent from a mobile device - please excuse the brevity, spelling and >> punctuation. > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to ansible-project+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/c396a661-3e22-4806-a41e-29df49a2281e%40googlegroups.com. -- Dick Visser Trust & Identity Service Operations Manager GÉANT -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAL8fbwNmh1tYr%2BepJ_Lvm_f%3DG7nXmqYAs7yBr_wnu%3DqRxyKBgw%40mail.gmail.com.
